Commands executed as root:
# systemctl stop clamav-freshclam
# freshclam --debug --verbose
Sat Mar 20 16:00:21 2021 -> ClamAV update process started at Sat Mar 20 16:00:21 2021
Sat Mar 20 16:00:21 2021 -> *Current working dir is /var/lib/clamav/
Sat Mar 20 16:00:21 2021 -> *Querying current.cvd.clamav.net
Sat Mar 20 16:00:21 2021 -> *TTL: 1623
Sat Mar 20 16:00:21 2021 -> *fc_dns_query_update_info: Software version from DNS: 0.103.1
Sat Mar 20 16:00:21 2021 -> *Current working dir is /var/lib/clamav/
Sat Mar 20 16:00:21 2021 -> *check_for_new_database_version: No local copy of "daily" database.
Sat Mar 20 16:00:21 2021 -> *query_remote_database_version: daily.cvd version from DNS: 26115
Sat Mar 20 16:00:21 2021 -> daily database available for download (remote version: 26115)
Sat Mar 20 16:00:21 2021 -> *Retrieving https://database.clamav.net/daily.cvd
Sat Mar 20 16:00:21 2021 -> *downloadFile: Download source: https://database.clamav.net/daily.cvd
Sat Mar 20 16:00:21 2021 -> *downloadFile: Download destination: /var/lib/clamav/tmp.5ee08cf0a0/clamav-746b5f842a022ff02206be76e0c77fe8.tmp
* Trying 104.16.219.84:443...
* Connected to database.clamav.net (104.16.219.84) port 443 (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
* error setting certificate verify locations: CAfile: /etc/ssl/certs/ca-certificates.crt CApath: /etc/ssl/certs
* Closing connection 0
Sat Mar 20 16:00:21 2021 -> ^Download failed (77) Sat Mar 20 16:00:21 2021 -> ^ Message: Problem with the SSL CA cert (path? access rights?)
Sat Mar 20 16:00:21 2021 -> ^getcvd: Can't download daily.cvd from https://database.clamav.net/daily.cvd
Sat Mar 20 16:00:21 2021 -> Trying again in 5 secs...
The alleged "error setting certificate verify locations" is false:
# sudo -u clamav -EH ls -al /etc/ssl/certs/ca-certificates.crt
-rw-r--r-- 1 root root 186336 Mar 15 08:45 /etc/ssl/certs/ca-certificates.crt
# sudo -u clamav -EH ls -al /etc/ssl/certs
total 556
drwxr-xr-x 3 root root 12288 Mar 15 08:45 .
...
Also, it is possible to contact the website as clamav user, meaning there is no CA access issue for that user:
# sudo -u clamav -EH wget https://database.clamav.net
--2021-03-20 16:21:12-- https://database.clamav.net/
Resolving database.clamav.net (database.clamav.net)... 104.16.219.84, 104.16.218.84, 2606:4700::6810:da54, ...
Connecting to database.clamav.net (database.clamav.net)|104.16.219.84|:443... connected.
HTTP request sent, awaiting response... 200 OK
Length: unspecified [text/html]
Saving to: ‘index.html’
# more index.html
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<meta content="text/html; charset=ISO-8859-1"
http-equiv="content-type">
<meta content="15;url=http://www.clamav.net" http-equiv="Refresh">
<title>ClamAV database mirror</title>
</head>
<body>
<div style="text-align: center;">
<big>
<img style="width: 125px; height: 102px;" alt="ClamAV logo"
src="//www.clamav.net/assets/clamav-trademark.png">
</big>
<br>
</div>
<br>
<br>
You reached one of ClamAV virus database mirrors: <a
style="font-style: italic;" href="http://database.clamav.net">database.clamav.net</a>
is a round robin record that tries to equally balance the traffic
between all the database mirrors.<br>
For a complete list of our mirrors visit <a
href="http://www.clamav.net/mirrors.html">http://www.clamav.net/mirrors.html</a><br>
<br>
<br>
You'll be redirected to ClamAV home page (<a
href="http://www.clamav.net">http://www.clamav.net</a>) in 15
seconds...<br>
<br>
<br>
<hr style="width: 100%; height: 2px;"><small style="font-weight: bold;">This
mirror is sponsored by </small><br>
<br>
<img alt="Sponsor Logo" src="local_logo.png"><br>
<br>
</body>
</html>
This is a very strange issue.
Any suggestion on how to debug/workaround that issue?
Ubuntu 21.04
clamav-freshclam: 0.103.0+dfsg-3.1
Commands executed as root: cvd.clamav. net query_update_ info: Software version from DNS: 0.103.1 for_new_ database_ version: No local copy of "daily" database. remote_ database_ version: daily.cvd version from DNS: 26115 /database. clamav. net/daily. cvd /database. clamav. net/daily. cvd clamav/ tmp.5ee08cf0a0/ clamav- 746b5f842a022ff 02206be76e0c77f e8.tmp 219.84: 443... certs/ca- certificates. crt CApath: /etc/ssl/certs /database. clamav. net/daily. cvd
# systemctl stop clamav-freshclam
# freshclam --debug --verbose
Sat Mar 20 16:00:21 2021 -> ClamAV update process started at Sat Mar 20 16:00:21 2021
Sat Mar 20 16:00:21 2021 -> *Current working dir is /var/lib/clamav/
Sat Mar 20 16:00:21 2021 -> *Querying current.
Sat Mar 20 16:00:21 2021 -> *TTL: 1623
Sat Mar 20 16:00:21 2021 -> *fc_dns_
Sat Mar 20 16:00:21 2021 -> *Current working dir is /var/lib/clamav/
Sat Mar 20 16:00:21 2021 -> *check_
Sat Mar 20 16:00:21 2021 -> *query_
Sat Mar 20 16:00:21 2021 -> daily database available for download (remote version: 26115)
Sat Mar 20 16:00:21 2021 -> *Retrieving https:/
Sat Mar 20 16:00:21 2021 -> *downloadFile: Download source: https:/
Sat Mar 20 16:00:21 2021 -> *downloadFile: Download destination: /var/lib/
* Trying 104.16.
* Connected to database.clamav.net (104.16.219.84) port 443 (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
* error setting certificate verify locations: CAfile: /etc/ssl/
* Closing connection 0
Sat Mar 20 16:00:21 2021 -> ^Download failed (77) Sat Mar 20 16:00:21 2021 -> ^ Message: Problem with the SSL CA cert (path? access rights?)
Sat Mar 20 16:00:21 2021 -> ^getcvd: Can't download daily.cvd from https:/
Sat Mar 20 16:00:21 2021 -> Trying again in 5 secs...
The alleged "error setting certificate verify locations" is false: certs/ca- certificates. crt certs/ca- certificates. crt
# sudo -u clamav -EH ls -al /etc/ssl/
-rw-r--r-- 1 root root 186336 Mar 15 08:45 /etc/ssl/
# sudo -u clamav -EH ls -al /etc/ssl/certs
total 556
drwxr-xr-x 3 root root 12288 Mar 15 08:45 .
...
Also, it is possible to contact the website as clamav user, meaning there is no CA access issue for that user: /database. clamav. net /database. clamav. net/ clamav. net)... 104.16.219.84, 104.16.218.84, 2606:4700: :6810:da54, ... clamav. net)|104. 16.219. 84|:443. .. connected.
# sudo -u clamav -EH wget https:/
--2021-03-20 16:21:12-- https:/
Resolving database.clamav.net (database.
Connecting to database.clamav.net (database.
HTTP request sent, awaiting response... 200 OK
Length: unspecified [text/html]
Saving to: ‘index.html’
index.html [ <=> ] 1.14K --.-KB/s in 0s
2021-03-20 16:21:12 (21.3 MB/s) - ‘index.html’ saved [1166]
# more index.html "content- type"> www.clamav. net" http-equiv= "Refresh" > /www.clamav. net/assets/ clamav- trademark. png"> database. clamav. net">database. clamav. net</a> www.clamav. net/mirrors. html">http:// www.clamav. net/mirrors. html</a><br> www.clamav. net">http:// www.clamav. net</a>) in 15 logo.png" ><br>
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<meta content="text/html; charset=ISO-8859-1"
http-equiv=
<meta content="15;url=http://
<title>ClamAV database mirror</title>
</head>
<body>
<div style="text-align: center;">
<big>
<img style="width: 125px; height: 102px;" alt="ClamAV logo"
src="/
</big>
<br>
</div>
<br>
<br>
You reached one of ClamAV virus database mirrors: <a
style="font-style: italic;" href="http://
is a round robin record that tries to equally balance the traffic
between all the database mirrors.<br>
For a complete list of our mirrors visit <a
href="http://
<br>
<br>
You'll be redirected to ClamAV home page (<a
href="http://
seconds...<br>
<br>
<br>
<hr style="width: 100%; height: 2px;"><small style="font-weight: bold;">This
mirror is sponsored by </small><br>
<br>
<img alt="Sponsor Logo" src="local_
<br>
</body>
</html>
This is a very strange issue.
Any suggestion on how to debug/workaround that issue?